For xUML services that have been deployed from the Designer as a container, secured endpoints are created automatically. However, these services are only usable internally and are not exposed to users outside the company. If you want to make them available to others, you can publish them via Scheer PAS API Management and restrict their usage with additional policies.
The following explanations apply to xUML services without user context (forms or role check).
Managing the Designer Service
| In the Designer, you have created a REST service that contains neither forms nor a process. Example: We use a REST service named SupportAPI that handles support cases which are stored to a MongoDB. |
| Choose the deployment target Container. From the Service details page, open the service in the PAS Administration.
|
In the Administration, you can access the service details, which also contain the information about the service endpoints. Use Import API 
to transfer the endpoint to API Management:
You are now redirected to API Management and a wizard will guide you through the creation of the API (refer to Creating an API for a step-by-step guide).
Configuring Your API
You imported the API to API Management, because you want to make it (publicly) available for others to consume. If you want to control the use of your API, differentiate between access groups and benefit from various metrics, we recommend creating a private API (refer to API Types: Public vs. Private for further details).
Example: Our example service handles support cases. The API should be usable by two different access groups:
- Users with limited permissions who can only create support tickets.
- Support administrators who can create and manage support tickets.
Therefore we choose to create a private API with two different plans.
| No matter where you are in the API Management, the Create button Open the menu and click Create Plan to add a new plan. |
| Follow the wizard through some simple steps. You need to...
You can also enter a description, but this is optional. Example: We create a plan for our first use case (users with limited permissions). |
| If you want to create plans for users with limited access, you have to assign appropriate policies. On a newly created plan, you can use the link Click here to attach a new policy in the Overview tab. Expert Advice Go to page Policy Configuration for an overview on all policies supported by Scheer PAS API Management. |
| The policy wizard supports you during policy configuration. Click on the policy tile to open the policy configuration. Example: We choose the Ignored Resources Policy. |
| Now, configure the policy according to your requirements. Example: We configure the Ignored Resources Policy so that support case creators cannot receive or delete support requests. Click Next to see a summary of your configuration. Confirm the summary to attach the policy. |
| The policy is added to the plan, you are now able to lock it. Only locked plans can be used by APIs in the organization. Refer to Locking a Plan for details. |
| In the same way, we create a second plan for support case administrators. Administrators don't have any restrictions because they should be able to access all support tickets. Therefore, their plan has no policies assigned. |
| Now, you need to assign the plans to your API. Go to the API details page, open tab Settings and do the following:
Expert Advice Read more about the visibility concept on page The Concepts of API Management. Example:
|
| You have completed the necessary steps to configure your API. Now, you can publish it to make it publicly available. |
| The API is available in the API Developer Portal. Users can now sign up for it. |
On this Page:
Related Documentation:
Overview
Content Tools